General
-
Target
2025-04-05_969282287e5be1610de933ef5d80732e_black-basta_cobalt-strike_satacom
-
Size
6.3MB
-
Sample
250405-dscd5syvfw
-
MD5
969282287e5be1610de933ef5d80732e
-
SHA1
a84c4c819b8f8498d4df9be3532b52ba0c60dfd0
-
SHA256
4ed28eb33e0c95837d8d8ede7bd4935c2aa26c6e035188224c1d6b058ff8c874
-
SHA512
543235a717135235cfcfa9e6be37e8a0a1813dd4a424f19e6aa2f5fdd088e3d2967bf2f2a73f9cbfcf0252e7c046821aa1fa2210d4f0c473b659f33958ae5d5b
-
SSDEEP
196608:+xCvbUpFZ6pCPK6YYzaOFvcVLa7hwIFQf6jEnoDj:lgFNRLvga1w8Qf6EoDj
Behavioral task
behavioral1
Sample
2025-04-05_969282287e5be1610de933ef5d80732e_black-basta_cobalt-strike_satacom.exe
Resource
win10v2004-20250314-en
Malware Config
Extracted
hijackloader
-
directory
%APPDATA%\fkd_Control_test
-
inject_dll
%windir%\SysWOW64\input.dll
Targets
Target
2025-04-05_969282287e5be1610de933ef5d80732e_black-basta_cobalt-strike_satacom
-
Score
7/10
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-